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[57] ABSTRACT 

A digital camera method and apparatus providing encryption 
of an image during the acquisition process, and therefore 
avoiding any stage wherein unencrypted image data exists. 
An encrypted password is generated. This is done either by 
a user and downloaded to the camera, or it is generated in the 
camera and displayed to the user. Inside the camera, an 
encryption generator is initialized upon reception and suc- 
cessful decryption of the password, whereupon light is 
admitted from an object to be photographed and converted 
to digital image data. The camera then performs a first 
encrypting operation on the digital image data to create 
temporarily encrypted image data. This encrypted data is 
saved temporarily, whereupon it is decrypted in increments 
and each increment processed to form processed image data. 
Each increment then undergoes a second and final encryp- 
tion operation to create final encrypted image data which is 
stored in the camera for transmission to a computer. Alter- 
natively to storing encrypted data temporarily, if the quantity 
of image data can be handled in one step it is processed 
directly and then encrypted and saved in camera storage. 
Therefore, at no stage in the image acquisition is there a 
point where image data is stored in unencrypted form from 
which unauthorized access might be obtained. 

12 Claims, 5 Drawing Sheets 
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METHOD AND APPARATUS FOR IN- generated in the camera and displayed to the user. Inside the 

CAMERA ENCRYPTION camera, an encryption generator is initialized upon reception 

and successful decryption of the password, whereupon light 

BACKGROUND OF THE INVENTION admitted from an object to be photographed and converted 

1. Field of the Invention 5 t0 digital dala * The camera then P erform s a first 
' . lt , , , encrypting operation on the digital image data to create 

Tne present invention relates generally to methods and temporarily encrypted image data. This encrypted data is 

apparatus for encrypting images, and more particularly to a saved t raril whereU pon it is decrypted in increments 

method and apparatus for encrypting images in a camera as and each mcrement processed t0 form processed image data, 

part of the image acquisition process. 1Q Each increment then undergoes a second and final encryp- 

2. Brief Description of the Prior Art t i on operation to create final encrypted image data which is 
The use of encryption techniques to secure messages is stored in the camera for transmission to a computer. As an 

well known in history. With modern data communications alternative to storing the encrypted data temporarily, the 

and storage devices often accessible by third parties, the camera can process it directly and then encrypt and save it 

securing of information is a problem receiving a great deal 15 in camera storage. At no stage in the image acquisition 

of attention. For example, in U.S. Pat. No. 5,159,630 by process is there a point where image data is stored in 

Tseng et al. a system for maintaining the security of infor- unencrypted form on a medium of a type from which 

mation transmitted between facsimile machines is described unauthorized access can be obtained, 

wherein messages on paper are encrypted by the facsimile ^n advantage of the present invention is that it provides 

machine, transmitted in secure encrypted form and 20 secure image encryption by performing the encryption as 

decrypted at the receiving end. U.S. Pat. No. 5,420,924 part 0 f me image acquisition, whereas prior art systems 

discloses a method of encryption using a scanner with digital a u ow a step where unencrypted images are readable, 

technology to record an image and then sample and encrypt A further advant of the nt invention is that in case 

a portion of it for companson with an image presented on an Qf ft malftmction of me syslerrj) any stored ^ data is 

I.D. card. 25 encr y pted and therefore unreadable. 

In order to secure data transmission, the data is encoded A ^ advant of me m mveEllion ^ a 

on the sending end and decoded at the receiving end. Tins ^ {n ^ time due to the eIiminatioa of thc 

deters a third party from decipheruig the message in route. intermcdiatc step of transporting unencrypted images to a 

Such a method is described m U.S. Pat. No. 5,233,653 by fcr for 

Katsurabayashi. 30 

A method of securing payment documents is described in IN THE DRAWINGS 
U.S. Pat. No. 5,297,202 wherein a document is signed by a 

customer and a copy of the signature is captured in digital FIG ' 1 Jlu f trates * c °P craU0D of a camera encryption 

form. Thereafter the signature is encrypted and saved along s y stem according to the present invention; 

with a digital record of the transaction. 35 FIG. 2 is a block diagram showing the major components 

In addition to the above methods of achieving secured of a camera i 

messages, signatures and I.D. cards, there is a need in the FIG. 3 is a block diagram describing the programmed 

area of conventional digital photography. Images captured operations of the digital camera encryption system of the 

and stored by a digital camera on a PCMCIA card, or present invention and its use with a host computer and 

downloaded to a PC are subject to interception and viewing printer; 

by unauthorized persons. Typically, a digital camera outputs FIG. 4 is a block diagram detailing the steps involved in 

digital image data to a PCMCIA card, disk, or through lines encrypting; and 

to a computer. The card or disk could be intercepted and the pi GS 5Aand 5B are tables with data illustrating a simple 

image viewed, or the data downloaded to a computer could ^ examp i e 0 f the basic concept of digital encryption, 
be extracted prior to an encryption procedure. Newspaper 

reporters, investigators, etc. have a need to temporarily store DETAILED DESCRIPTION OF THE 

photographic images in a way that is secure from unautho- PREFERRED EMBODIMENT 

rized viewing. There is, therefore, a need for a camera that Referring now to FIG. 1 of the drawing, there is an 

will provide encrypted, secure image data from the moment 5o illustration of the operation of a camera encrypt ion system 

of image acquisition. according to the present invention. There is a digital camera 

SUMMARY OF THE INVENTION ^ a nost computer 12 and a printer 14. A variety of means 

of communication between the camera 10 and computer 12 

It is therefore an object of the present invention to provide are snown i nc i u ding a cable assembly 16 interconnecting 

a camera that encrypts photographic images. 55 with tne camera 10 and computer 12 through connectors 18 

It is a further object of the present invention to provide a and 20. Communication can also be accomplished through 

camera which encrypts a photographic image in the process use of a disk 22, such as a PCMCIA card for use with 

of image acquisition. card/disk slots 24, 26. Radiated signals can also be used for 

It is a still further object of the present invention to communication as indicated by transceivers 28, 30. In 

provide a camera that does not store or transfer an unen- so addition, information can also be transferred through con- 

crypted image, even temporarily. nections 32, 34 to a modem for transmission through a 

Briefly, a preferred embodiment of the present invention telephone system. The computer 12 is shown interconnected 

includes a digital camera method and apparatus providing with the printer 14 by way of cable assembly 36 and 

encryption of an image during the acquisition process, and connector 38, 40. 

therefore avoiding any stage wherein unencrypted image 65 The camera 10 is constructed and configured for encrypt - 

data exists. An encrypted password is generated. This is ing images as part of the image acquisition process. The 

done either by a user and downloaded to the camera, or it is process begins with either the user or camera 10 supplying 
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a password, the choice being made by the user through the camera 10 can provide the password, as indicated in 
operation of a camera control located, for example, on block 72, beginning with the camera 10 generating a pass- 
camera control and display 42. The operator can prepare the word 84 according to pre-programmed guidelines. The pass- 
password in encrypted form through the use of the computer word is then displayed for the user to make record of and 
12, the password then being downloaded to the camera 5 encrypted (block 86), The encrypted password is then sent to 
through any of the communication methods described block 82. The above password encryption process describes 
above. Alternatively, the user can choose from controls and employs a single password for initializing the camera to 
provided to have the camera 10 supply and display a take a picture and encrypt an image, as well as for decrypting 
password for example on the control and display 42. the image at a later stage such as in the host 
r computer atter the encrypted image data has been trans- 
In response to receiving an encrypted password, the w fcrrcd tQ the uter alternale password method 
camera 10 initializes an encryption generator and then in ^ [o use OD6 ord for 6ncrypling me and another 
response to user activation takes the picture. According to fof d ting A alt6rnativ6 would be to not 
the present invention, the camera 10 then acquires an image requirc a password at all for cncryp , ion> but on i y f or 
and converts it to digital data. This data is then handled m decryption . Such would be the case in what is called a 
one of two ways. One of these is to process it directly to 15 bKc/ rivate key . -j^ altematives ^ included in tne 
create processed image data and thereafter encrypt it to form present invention 

final encrypted image data. Alternatively, according to the ^ ^ ^ of tur£ ds 

preferred embodiment of the present invention, and provid- ^ 1q ^ g2 dc , m m6 Q td, checking 

ing enhanced secunty, the image data can undergo a first ite vaUdi f y and initializug/ini ^ tin | the ; ncrvption process 6 

encryption to create temporarily encrypted image data winch *° ^ ^ ^ ^ fa 

can be safely stored in the camera. This temporarily _ r . . f r , „. . , 

, . / . . . . , . • . , i The camera functions of handling the password as 

encrypted data is then extracted in increments, and each , .. , . , , . & a& * 

t • j, *jj a * f * m ♦ described above are directed by the processor 48 in com- 

mcrement is decrypted and processed to form an increment . ... ' , r _ , 

r i ■ j * w u *u a^, n ^ n ro^^A munication with the operator controls 42 and memory 50. 

of processed image data, which then undergoes a second . * / 

and/or final encryption to form final encrypted image data. » J* process of "takmg- the picture (block 88) solves the 

The advantage of fhis procedure is that when the raw data is ma S e a^ion circuitry 44 as explained above. The 

. ... 4 j ■ . • *u * • *u processor 48 upon receipt of the digital image data can then 

initially encrypted pnor to processing, there is no step in the * , * . r . & , b . . f 

. • * j j * ■ * j j proceed with the image processing and encrypting in one oi 

camera process wherein any unencrypted data is stored, ana \ ^ j • . ,t_ i * 

r •* ■ • * ~ ^ * the two ways according to the particular system program- 
therefore it is more secure against an unauthorized attempt . i %u u- * i *u a f 
, . , A to ™ mine or user selection. The choice of particular method of 
to acquire the image data. 3U a * * a • * a 
^ " processing, i.e. the image data stored in unencrypted or 
Following the camera image acquisition process, the final encrypted form internal to the camera, is made by either hard 
encrypted data is sent to the computer 12 by any of the wife [n (he camefa Qr ^ aQ altemativej se l ec table through an 
means described above, whereupon the image can be viewed operalor control 42 on the camera. 

or printed (printer 14) upon user presentation of the pass- ^ If ^ gfeatest degree Qf fe required) ^ camera 

word " is programmed to proceed to provide a temporary encryption 
FIG. 2 shows a block diagram of the major operational of tne raw data supplied by the image acquisition 
portions of a digital camera. These include an image acqui- apparatus 44. This choice is indicated by arrow/path 90 and 
sition apparatus 44 in communication through bus 46 with a the temporary (ephemeral) encryption is performed accord- 
processor 48. The processor by way of bus 52, stores data in 4Q ing t0 bloc k 92, beginning with the generation of a tempo- 
memory 50, which also includes memory for basic rary encryptor or i.e. key, (block 94) which is processed with 
operations, the memory also referred to as an image buffer. the raw data v j a ^ 90 to crea t e temporary encrypted data 
Input and output of data is through one of the various means ( block 95) whicn ^ saved m me mory 50 as indicated by 
described above, including a cable connector 54 through bus block 95 ^ s temporary or i.e. first encryption avoids the 
56, card/disk slot 58 through bus 60, transceiver 62 by way 45 need t0 savc UDencry pted data, and provides added security 
of bus 64, or modem connection (not shown in FIG. 2). in that tnere ^ no data storage f rom which an unauthorized 
Controls 42 are shown connected to the processor by way of uscr could extract unencrypted data even if the camera is in 
bus 66. the possession of an unauthorized individual. The temporary 
The image acquisition apparatus 44 includes components saving of data (block 96) is needed when/if the processor 48 
well known by those skilled in the art and need not be shown 50 can not handle all of the incoming data immediately. The 
in detail in order to practice the invention. The acquisition processor 48 then extracts the encrypted data in increments, 
apparatus 44 includes an image optical pickup such as a each increment of data decrypted (block 98) and processed 
charged coupled device (CCD) and A/D circuitry to convert (block 100) to form processed image data, 
the analog CCD signals to digital form for the processor 48. Th e temporary encryptor of block 94 is initialized by an 
Referring now to FIG. 3, an operational block diagram 55 internal password. This password can be different from the 
details the encryption process of the present invention. The password available to the operator as discussed above in 
blocks of FIG. 3 include the novel camera operations and the reference to blocks 70, 72, and different from a password 
operations performed by the associated host computer sys- associated with block 112 to be described in the following 
tem. Blocks 70 and 72 illustrate the two methods of deter- specification in relation to decrypting image data at a host 
mining the password described above. According to block 60 computer. The present invention includes an alternate 
70, the operator creates a password through use of the host embodiment wherein the internal password is different from 
computer 12. This can be done either manually, the user the first password for encrypting or i.e., taking the picture, 
providing the password (block 74), or the operator can and different from a second password for decrypting the final 
instruct the host computer 12 to create a password (block encrypted image data, which can be the same password as or 
76). In either case, the host computer is programmed to 65 different from the first password. The programming accord- 
encrypt the password (block 78) prior to downloading (block ing to the present invention includes the alternative of the 
80) to the first camera 10 operation (block 82). Alternatively, camera randomly selecting an internal password, and also 
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selecting a different internal password each time data is 
temporarily encrypted. This process makes it impossible for 
anyone to extract unencrypted data from internal camera 
storage. 

Following the temporary encryption and/or processing of 5 
the image data, the processed image data then undergoes a 
second or i.e. final encryption and storage (block 102). 
Block 102 shows the second/final encryption (block 104), 
and saving of the final encrypted image data (block 106) in 
the camera memory, or removable external storage device 10 
50. Upon user command through controls 42, the camera 10 
transmits the final encrypted image data (block 108) to the 
host computer 12 (block 110). In order to use the image data, 
the password is presented by the user (block 112) and the 
data is decrypted (block 114). Again, the camera encryption 15 
programming can be done so that the password required at 
this point can be different from or the same as the password 
to encrypt. At this point the user can view the image 116, 
print the image 118, or/and save the image 120. 

In order to clarify a process of digital encryption of data, 20 
a simplified example is now given with the assistance of 
FIGS. 4, 5 A and SB. To begin with, upon reception of a 
correct password (block 122) the processor 48 creates a key 
(block 124) of a predetermined length K. An input data 
stream (block 126) of length N is loaded K bits at a time 25 
(block 128) and exclusive OR'd (XOR'd) with the key 
(block 130), The result of the XOR block 130 is stored 
(block 132), and while the input stream lasts (block 134), 
another length of K bits is loaded (block 128). The XOR'd 
image stream is returned, i.e. stored as encrypted data in 30 
memory 50 (block 136). 

FIGS. 5 A and 5B illustrate a simple example of the 
processes of encryption and decryption using all possible 
combinations of the binary XOR operation. The key length 35 
in the example is K=4 and equal to 1010 (column 138). FIG. 
5 A shows the process of encryption. An image data stream 
is assumed to have an incremental length of 4 data bits equal 
to 1100 (column 140). The first row 141 shows a "1" bit of 
image data XOR'd with a "1" bit of the key to yield a "0" 4Q 
result because of the "exclusive OR" function. Similarly, "1" 
XOR'd with "0" results in "1", as does "0" XOR'd with "1", 
and "0" XOR'd with "0" in the next two rows yields "0", the 
results all shown entered in column 142. Similarly, FIG. 5B 
shows the process of decryption, the image data (column 45 
144) being the encrypted "result" from FIG. 5 A, which is 
XOR'd with the key (column 146) to yield the decrypted 
original data in column 148 which is exactly the same as 
column 140 in FIG. 5 A as it should be. 

Referring again to FIG. 4, a more lengthy example is 50 
given in blocks 150-160, where block 150 contains the input 
data stream and block 152 the key. Block 154 contains the 
first 8 bits of the stream in block 150 loaded according to 
block 128. Block 156 shows the first 8 bits XOR'd with the 
key of block 152. Block 158 indicates the first XOR'd/ 55 
encrypted bits stored. Block 160 is the final encrypted 
complete data stream. 

Although the use of an XOR function is described for 
encrypting, other functions or formulas can be used to 
transform/encrypt digital data from an original to a coded go 
form, with the reverse process being performed for decryp- 
tion. These various alternate functions and formulas are also 
included in the spirit of the present invention when used for 
in -camera encryption. 

Although a preferred embodiment of the present invention 65 
has been described above, it will be appreciated that certain 
modifications or alternations thereon will be apparent to 



those skilled in the art. It is therefore requested that the 
appended claims be interpreted as covering all such alter- 
ations and modifications that fall within the true spirit and 
scope of the invention. 
What is claimed is: 

1. A method of secure processing and encryption of 
original digital image data in a digital camera system, 
comprising the steps of: 

(a) initializing an encryption generator in the camera 
through a user programmable encryption password; 

(b) converting light to original digital image data; 

(c) encrypting within said camera substantially all of said 
original digital image data, whereby the original digital 
image data is inaccessible from said camera in unen- 
crypted form. 

2. A method as recited in claim 1 wherein said encrypting 
includes the steps of: 

(a) first encrypting said original digital image data to 
temporarily encrypted image data; 

(b) saving said temporarily encrypted image data; 

(c) decrypting said temporarily encrypted image data to 
form decrypted image data; 

(d) processing said decrypted image data to form pro- 
cessed image data; and 

(e) second encrypting said processed image data to form 
said final encrypted image data, 

whereby the original digital image data is never accessible 
in unencrypted form. 

3. A method as recited in claim 2 wherein 

a) said decrypting said temporarily encrypted image data 
includes decrypting incremental quantities of said tem- 
porarily encrypted image data to form quantities of 
incremental decrypted image data; and 

b) said processing said decrypted image data includes 
processing each of said quantities of incremental 
decrypted image data to form said processed image 
data. 

4. A method as recited in claim 1 further comprising: 

a) receiving said password as an encrypted password from 
a source external to said camera; and 

b) decrypting said encrypted password to form said pass- 
word. 

5. A method as recited in claim 1 further comprising: 

a) saving said final encrypted image data; and 

b) transmitting said final encrypted image to a device 
external to said camera. 

6. A method as recited in claim 2 further comprising: 
creating within said camera a randomly generated internal 

password required in order to accomplish said first 
encrypting and said decrypting said temporarily 
encrypted image data. 

7. A camera for securely processing and encrypting origi- 
nal digital image data comprising: 

(e) an encryption generator in the camera, the generator 
being user programmable through a user selected 
encryption password; 

(b) means for converting light to original digital image 
data; 

(c) means for encrypting within said camera substantially 
all of said original digital image data, whereby the 
original digital image data is inaccessible from said 
camera in unencrypted form. 

8. A camera as recited in claim 7 wherein said means for 
encrypting includes 



08/19/2003, EAST Version: 1.04.0000 



5,862,: 

7 

(a) means for first encrypting said original digital image 
data to temporarily encrypted image data; 

(b) means for saving said temporarily encrypted image 
data; 

(c) means for decrypting said temporarily encrypted 5 
image data to form decrypted image data; 

(d) means for processing said decrypted image data to 
form processed image data; and 

(e) means for encrypting said processed image data to 10 
form said final encrypted image data, 

whereby the original digital image data is never accessible 

in unencrypted form. 
9. A camera as recited in claim 8 wherein 

a) said means for decrypting said temporarily encrypted 15 
image data includes means for decrypting incremental 
quantities of said temporarily encrypted image data to 
form quantities of incremental decrypted image data; 
and 

b) said means for processing said decrypted image data 20 
includes means for processing each of said quantities of 



8 

incremental decrypted image data to form said pro- 
cessed image data. 

10. A camera as recited in claim 7 further comprising: 

a) means for receiving said password as an encrypted 
password from a source external to said camera; and 

b) means for decrypting said encrypted password to form 
said password. 

11. A camera as recited in claim 7 further comprising: 

a) means for saving said final encrypted image data; and 

b) means for transmitting said final encrypted image to a 
device external to said camera. 

12. A camera as recited in claim 8 further comprising: 

means for creating within said camera a randomly gen- 
erated internal password required in order to initiate 
said means for first encrypting and said means for 
decrypting said temporarily encrypted image data. 

* * * + * 
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